Phillip Wylie
Region: US
Wednesday 30 July 2025 22:41:15 GMT
31472
763
27
30
Music
Download
Comments
ɥʇolsɔǝsɹǝqʎƆ :
if you can't bypass threat locker then you don't need to be doing a pentests...
2025-09-24 12:58:39
18
Eddie :
What company ? May need something similar asap.
2025-09-28 02:32:16
0
Daniel :
If the aim is to test a specific control method or system, denying access to it via a different control method that isn't under test is stupid.
2025-09-28 20:50:00
0
KarlioWarlio :
I always get asked to whitelist IP’s in Cloudflare WAF for Pentests. Always seems like a weird request to me. 😅
2025-09-27 15:40:25
0
qwerty :
100% sponsored, never said that in my 10y red team
2025-08-02 14:43:59
47
Stopthetiktok :
802.1x with cert auth isn’t a new thing. No need for a vendor product like that. Besides.. anything that doesn’t run that software (tons of random stuff) will still be vuln. No pen tester will care about threat locker as they jump around.
2025-08-01 05:44:19
6
Adam :
Our CE+ assessor kept asking us to turn Threatlocker off, I was like, er, nooo, that's not how it works 😂
2025-09-27 07:08:08
0
cybergav :
This is definitely an advertisement
2025-09-24 15:34:05
16
xploitnik :
act as an compromised user used allowed channels and tools avoid execution blocks ring fencing, is one of my fav to jump over or dig under(methaphor)
2025-09-25 14:27:36
1
TheLastDeity :
It’s a shame it costs so much they are scared to list pricing on their site!
2025-09-27 21:05:04
0
Mrvmware :
Cisco been doing 802.11x for many many years and ISE is a much better tool!
2025-09-27 10:29:47
0
plus3five3 :
This is excellent compelling content tbf
2025-09-29 06:57:48
0
Brandon :
Whilst I was studying for my Sec+ (I passed in match) I learned how to setup a network like this that it doesn’t allow any connectivity for unknown devices.
2025-07-31 00:23:35
4
X41 :
If we're talking about red teaming I 100% agree with you, but a pentest is different imho. In an RTA I'm to test how you would do in a real world scenario, in a pentest I'm looking for anything that could be a potential issue. In your scenario if there's a machine running some outdated, vulnerable stuff on it, adding an untrusted device to your network won't do shit. Yay! If Kevin from accounting clicks the link in the email that promised him pictures of puppies on his trusted machine you've got a problem though It's the same with stuff like WAFs. I always tell clients to turn them off cause I'm there to figure out if their backend has any potential vulnerabilities in case some way to bypass the filter is ever found, not so I can spend a week of my time and your money to see if I can bypass it myself
2025-09-28 10:38:48
1
taylor :
Right-click LSASS dump from task manager is savage.
2025-07-31 20:26:37
2
Trollmaster3002 :
so just take control of a trusted device.
2025-09-07 10:09:30
3
Bocepheus :
So long as the report shows findings before you turn it off, that would clearly show the value of the product.
2025-09-23 16:08:33
1
1000_burning_arrows :
People mix this up all the time. A penetration test is short usually a week or two and it is about finding vulnerabilities and proving risk. That is why defences sometimes get tuned or allowlisting happens we are showing where the holes are not testing your SOC. A red team is completely different. That is long term and stealthy testing your visibility alerting and response. One is about discovery the other is about detection. Both matter just do not confuse the two.
2025-09-27 13:15:55
0
CoolDude :
Lmao, I just put my 9 year old to bed in that t-shirt.
2025-07-31 03:08:23
2
To see more videos from user @phillip.wylie, please go to the Tikwm
homepage.
